It’s a nightmare scenario for Microsoft. The headlining feature of its new Copilot+ PC initiative, which is supposed to drive millions of PC sales over the next couple of years, is under significant fire for being what many say is a major breach of privacy and security on Windows. That feature in question is Windows Recall, a new AI tool designed to remember everything you do on Windows. The feature that we never asked and never wanted it.
Microsoft, has done a lot to degrade the Windows user experience over the last few years. Everything from obtrusive advertisements to full-screen popups, ignoring app defaults, forcing a Microsoft Account, and more have eroded the trust relationship between Windows users and Microsoft.
It’s no surprise that users are already assuming that Microsoft will eventually end up collecting that data and using it to shape advertisements for you. That really would be a huge invasion of privacy, and people fully expect Microsoft to do it, and it’s those bad Windows practices that have led people to this conclusion.
A lot of people here seem to be missing the nuance.
Sure, it’s problematic for their consumer market share, but you’re right that that’ll probably be forgotten by the mostly tech-illiterate populace over time. But that’s not the problem.
Step 0 of MS’s plan for this should have been “make sure there is an absolutely bulletproof and ironclad way to disable that stuff completely for enterprise customers”. And they didn’t do that. So now, enterprise IT writ large is going to… you know… just not buy any of these devices. Which is absolutely their right.
But the really frustrating bit is that MS may have significantly harmed the rollout of ARM-based laptops (as well as x86 chips with beefy NN-optimized tiles) with this, and additionally done real, massive harm to Intel, AMD, and Qualcomm by doing so. All three of those manufacturers have gone to ENORMOUS lengths to roll this tech out, largely at MS’s behest. They’re all going to take this on the chin if the rollout goes poorly. And the rollout is already going poorly.
But MS thought they could Apple-handwave away the details. And they can’t, because a lot of people who understand the absurd security implications of continuous capture and OCR and plaintext storage of the OCR output. It’s not something you can handwave away. It’s entirely a non-starter in the context of maintaining organizational security (as well as personal data security, but we’ve already talked about why that’s a bit of a moot point with the general public). But enterprise IT largely does try to take their job seriously, and they are collectively calling MS’s bluff.
The problem for the long term is that MS has pretty much proven to the IT industry with this stunt that they can’t be trusted to make software that conforms to their needs. That’s a stain that isn’t going to go away any time soon. It might even be the spark that finally triggers enterprise to move away from MS as a primary client OS. After all, Linux is WAY easier to manage from a security perspective.
TL;DR: the issue is that MS has significantly damaged their reputation with this stunt. And you can’t buy reputation.
Edit:
The article has an update:
It’s definitely a move in the right direction… but it also begs the question of why didn’t they do that in the first fucking place? Seriously, some heads are gonna roll over how badly this whole release was planned, and the very clear lack of due diligence.